Total
256654 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0946 | 1 Clam Anti-virus | 1 Clamav | 2024-02-04 | 7.5 HIGH | N/A |
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. | |||||
CVE-2002-1499 | 1 Factosystem | 1 Factosystem Weblog | 2024-02-04 | 7.5 HIGH | N/A |
Multiple SQL injection vulnerabilities in FactoSystem CMS allows remote attackers to perform unauthorized database actions via (1) the authornumber parameter in author.asp, (2) the discussblurbid parameter in discuss.asp, (3) the name parameter in holdcomment.asp, and (4) the email parameter in holdcomment.asp. | |||||
CVE-2003-0653 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 5.0 MEDIUM | N/A |
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. | |||||
CVE-2001-1424 | 1 Alcatel | 1 Speed Touch Home | 2024-02-04 | 7.5 HIGH | N/A |
Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 has a blank default password, which allows remote attackers to gain unauthorized access. | |||||
CVE-2002-0599 | 1 Blahz-dns | 1 Blahz-dns | 2024-02-04 | 10.0 HIGH | N/A |
Blahz-DNS 0.2 and earlier allows remote attackers to bypass authentication and modify configuration by directly requesting CGI programs such as dostuff.php instead of going through the login screen. | |||||
CVE-2003-1420 | 1 Opera | 1 Opera Browser | 2024-02-04 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | |||||
CVE-2002-0052 | 1 Microsoft | 1 Internet Explorer | 2024-02-04 | 5.0 MEDIUM | N/A |
Internet Explorer 6.0 and earlier does not properly handle VBScript in certain domain security checks, which allows remote attackers to read arbitrary files. | |||||
CVE-2003-1147 | 2024-02-04 | N/A | N/A | ||
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0955. Reason: This candidate is a duplicate of CVE-2003-0955. Notes: All CVE users should reference CVE-2003-0955 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
CVE-2002-1926 | 1 Aquonics Scripting | 1 Aquonics File Manager | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP query string. | |||||
CVE-2002-0312 | 1 Essen | 1 Essentia Web Server | 2024-02-04 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Essentia Web Server 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
CVE-2002-1011 | 1 Ibm | 1 Tivoli Management Framework | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | |||||
CVE-2001-0061 | 1 Freebsd | 1 Freebsd | 2024-02-04 | 7.2 HIGH | N/A |
procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a child process and executing a privileged process from the child, while the parent retains access to the child's address space. | |||||
CVE-1999-0422 | 1 Netbsd | 1 Netbsd | 2024-02-04 | 4.6 MEDIUM | N/A |
In some cases, NetBSD 1.3.3 mount allows local users to execute programs in some file systems that have the "noexec" flag set. | |||||
CVE-2002-2368 | 1 Nec | 1 Socks 5 | 2024-02-04 | 10.0 HIGH | N/A |
Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module. | |||||
CVE-2000-0154 | 1 Sco | 1 Unixware | 2024-02-04 | 1.2 LOW | N/A |
The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
CVE-2001-0482 | 1 Argus Systems | 1 Pitbull Lx | 2024-02-04 | 7.2 HIGH | N/A |
Configuration error in Argus PitBull LX allows root users to bypass specified access control restrictions and cause a denial of service or execute arbitrary commands by modifying kernel variables such as MaxFiles, MaxInodes, and ModProbePath in /proc/sys via calls to sysctl. | |||||
CVE-1999-0214 | 1 Sun | 1 Sunos | 2024-02-04 | 10.0 HIGH | N/A |
Denial of service by sending forged ICMP unreachable packets. | |||||
CVE-2002-0476 | 1 Macromedia | 1 Flash Player | 2024-02-04 | 5.0 MEDIUM | N/A |
Standalone Macromedia Flash Player 5.0 allows remote attackers to save arbitrary files and programs via a .SWF file containing the undocumented "save" FSCommand. | |||||
CVE-2002-0663 | 1 Symantec | 2 Norton Internet Security, Norton Personal Firewall | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | |||||
CVE-2000-0827 | 1 Mobius | 1 Documentdirect For The Internet | 2024-02-04 | 10.0 HIGH | N/A |
Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. |